Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Other Languages

This rule appears in the C++ Secure Coding Standard as MEM06-CPP. Ensure that sensitive data is not written out to disk.

References

Wiki Markup
\[[ISO/IEC PDTR 24772|AA. C References#ISO/IEC PDTR 24772]\] "XZX Memory Locking"
\[[MITRE 07|AA. C References#MITRE 07]\] [CWE ID 591|http://cwe.mitre.org/data/definitions/591.html], "Sensitive Data Storage in Improperly Locked Memory," and [CWE ID 528|http://cwe.mitre.org/data/definitions/528.html], "Information Leak Through Core Dump Files"
\[[Open Group 04|AA. C References#AA. CReferences-OpenGroup04]\]{{mlock(), setrlimit()}}
\[[Wheeler 03|AA. C References#Wheeler 03]\] Sections 7.14 and 11.4

...